Monday, August 27, 2012

Computer Analysts and Experts – Making the Most of GPS Evidence

by Professor David Last

The many companies that sell software for computer forensics have
developed products for analysing satellite navigators. Police high tech
crime units and independent laboratories now use this software on an
industrial scale. Computer technicians conduct the analyses. This is
home territory for them, since the biggest component of a vehicle
satellite navigator is a computer, often running the Linux operating
system, and with access via a USB connection or an SD card. The analysis
software extracts addresses which it plots using tools such as Google
Maps. Specialists extract similar data from satnavs built into vehicles.

But many investigating officers find the results disappointing: “it’s
just a list of addresses!” Unlike CCTV, ANPR and witness evidence,
there are rarely times or dates to fit into a chronology. And anyway,
the addresses are simply destinations for planning routes. The defence
will point out that no-one can say who entered them, or at what time on
what date, or whether a route was planned to them, or whether the satnav
ever went there, let alone in a specific vehicle driven by a their
client!

Another problem is that the investigating officer may simply not be
able to understand the data provided. What are all these addresses? Were
they recorded by the device itself or input by a user? Was that
inputting an intentional action? The sense of frustration is enhanced by
the quality of reports generated by much commercial software. The best
packages provide at least some explanation of the data they contain, the
worst none at all. The technicians who conduct the analyses often have
neither the time nor the training to help. This leaves the officer with
the prospect of presenting and defending poorly understood data in
court. Some just give up!